But you can have online privacy in Canada right now. Proton + one-off email, a reputable VPN, Linux + GrapheneOS, Vivaldi browser, containerization/VMs, Signal, etc.
I do most of those things, personally, but I’m stuck using Microsoft 365 and Google for work. I’m getting the Click Communicator as a work phone, so I can finally rip Microsoft and Google out of my personal phone. Completely eliminating my Google and Hotmail email accounts will be challenging, with decades of legacy accounts and thousands of contacts over the years, but I use them for less and less.
Regardless, Bill C22 is bad legislation. It makes us less secure/more vulnerable and tramples over human rights (Charter).
Idk. The faceless influencers impact on Alberta separatism and the ability for foreign agents to hide using those same privacy tools makes me think that there are limits required. Blindly championing ‘privacy’ over all else is the sort of mantra I hear from bitcoin techbros bragging about the speed / ease of doing international transactions with… sanctioned / terrorist countries… because there’s no legislation / regulations preventing those actions.
Putting in requirements for companies/online services to have log files, and allowing the government to access those log files via court orders, doesn’t seem like a bad thing to me. I’ve literally encountered IT people who support things like fintechs, who say shit like “If you don’t keep log files, there’s no evidence if you get hacked, so you can just deny it was you that leaked peoples profiles/payment data”. Keep in mind too, that the legislation excludes things like a need for them to record the content of your messages etc – it’s pretty restricted to just meta data. So they can see you went to pornhub, but can’t pull up all your smutty secrets.
And beating the drum of charter rights is also weird to me. Charter Rights are highly subjective, and often have their meanings twisted by the courts. Like Section 15(1) which talks about how “every individual is equal before and under the law, and has the right to equal protection and benefit of the law without discrimination based on race, national or ethnic origin, colour, religion, sex, age, or mental or physical disability”… gets interpreted by the courts as First Nations people get special considerations / unequal treatment for murdering white people based on racial lenses that are required by the system. In terms of “privacy”, there’s no mention of privacy directly in the charter of rights, just mentions of things like protections against unreasonable search/seizure etc, that often gets translated by people into “I have a right to privacy!” – nah, not really, especially not with the courts being able to interpret things to mean the opposite anyhow.
The latest version of the bill clips a bunch of the warrant-less shit. The main thing it allows is for cops to verify if so and so uses a service – big whoop, they can more easily identify which tech co is hiding which perp and get an appropriate warrant for the real data. Makes things more efficient, and is in line with the constitution’s “Peace, Order and Good Governance”. The other big change is requiring more logs/meta data retention (which is why “log less” companies are saying they’ll pull out) – but as noted above, keeping those logs is also arguably part of trying to improve companies’ control and accountability for how they handle our data.
There’s nothing in the legislation saying you can’t self-host, so your VMs and containers are safe. Linux won’t go away. Proton already keeps logs/data, they’ve released such data to law enforcement in the past. If a large number of pedophiles and criminals are using log-less VPNs for committing crimes like kiddie porn, it’s “reasonable” for there to be more restrictions / regulations put in place. If you just want to watch shows in some other jurisdiction, it’s pretty easy to get a private VPC running a self-hosted VPN tunnel to do it – it just limits a business from providing that service to a bunch of faceless people. Similar with Signal – you could get a Nextcloud server self-hosted and have all your friends chatting / sharing files through that without c-22 impact. But once you start charging for it as a business, and offering that service to the public, you’d have to start recording some details about who’s using it… so the technical bar changes a bit, but you still have options for privacy. Idk, I don’t really see the problem with the general intention of the legislation, and the changes they’ve made address many of the initial concerns from the previous iteration.
But you can have online privacy in Canada right now. Proton + one-off email, a reputable VPN, Linux + GrapheneOS, Vivaldi browser, containerization/VMs, Signal, etc.
I do most of those things, personally, but I’m stuck using Microsoft 365 and Google for work. I’m getting the Click Communicator as a work phone, so I can finally rip Microsoft and Google out of my personal phone. Completely eliminating my Google and Hotmail email accounts will be challenging, with decades of legacy accounts and thousands of contacts over the years, but I use them for less and less.
Regardless, Bill C22 is bad legislation. It makes us less secure/more vulnerable and tramples over human rights (Charter).
Vivaldi browser isn’t open, use Firefox/Waterfox/Librewolf instead.
Idk. The faceless influencers impact on Alberta separatism and the ability for foreign agents to hide using those same privacy tools makes me think that there are limits required. Blindly championing ‘privacy’ over all else is the sort of mantra I hear from bitcoin techbros bragging about the speed / ease of doing international transactions with… sanctioned / terrorist countries… because there’s no legislation / regulations preventing those actions.
Putting in requirements for companies/online services to have log files, and allowing the government to access those log files via court orders, doesn’t seem like a bad thing to me. I’ve literally encountered IT people who support things like fintechs, who say shit like “If you don’t keep log files, there’s no evidence if you get hacked, so you can just deny it was you that leaked peoples profiles/payment data”. Keep in mind too, that the legislation excludes things like a need for them to record the content of your messages etc – it’s pretty restricted to just meta data. So they can see you went to pornhub, but can’t pull up all your smutty secrets.
And beating the drum of charter rights is also weird to me. Charter Rights are highly subjective, and often have their meanings twisted by the courts. Like Section 15(1) which talks about how “every individual is equal before and under the law, and has the right to equal protection and benefit of the law without discrimination based on race, national or ethnic origin, colour, religion, sex, age, or mental or physical disability”… gets interpreted by the courts as First Nations people get special considerations / unequal treatment for murdering white people based on racial lenses that are required by the system. In terms of “privacy”, there’s no mention of privacy directly in the charter of rights, just mentions of things like protections against unreasonable search/seizure etc, that often gets translated by people into “I have a right to privacy!” – nah, not really, especially not with the courts being able to interpret things to mean the opposite anyhow.
The latest version of the bill clips a bunch of the warrant-less shit. The main thing it allows is for cops to verify if so and so uses a service – big whoop, they can more easily identify which tech co is hiding which perp and get an appropriate warrant for the real data. Makes things more efficient, and is in line with the constitution’s “Peace, Order and Good Governance”. The other big change is requiring more logs/meta data retention (which is why “log less” companies are saying they’ll pull out) – but as noted above, keeping those logs is also arguably part of trying to improve companies’ control and accountability for how they handle our data.
There’s nothing in the legislation saying you can’t self-host, so your VMs and containers are safe. Linux won’t go away. Proton already keeps logs/data, they’ve released such data to law enforcement in the past. If a large number of pedophiles and criminals are using log-less VPNs for committing crimes like kiddie porn, it’s “reasonable” for there to be more restrictions / regulations put in place. If you just want to watch shows in some other jurisdiction, it’s pretty easy to get a private VPC running a self-hosted VPN tunnel to do it – it just limits a business from providing that service to a bunch of faceless people. Similar with Signal – you could get a Nextcloud server self-hosted and have all your friends chatting / sharing files through that without c-22 impact. But once you start charging for it as a business, and offering that service to the public, you’d have to start recording some details about who’s using it… so the technical bar changes a bit, but you still have options for privacy. Idk, I don’t really see the problem with the general intention of the legislation, and the changes they’ve made address many of the initial concerns from the previous iteration.